Preventing spam without deterring genuine visitors

Spam is unfortunately far too common on the Internet, arising in forum posts, instant messaging, email and websites. Spam otherwise known as ‘junk’, is unsolicited/unwanted content and will often take the form of advertising or include malicious intent.

Like email, websites can also suffer from spam, particularly when they encourage interactivity from visitors. This is why many sites now require verification when registering or submitting content, either via email or through what is known as image verification.

Most spam is sent via spambots, automated customer systems that write content and distribute this unwanted content.

CAPTCHA is the technical term for automated technology that helps prevent spam. The most common form of CAPTCHA is that of typing text that appears within an image, known as image verification.

While the prevention of spam is necessary to reduce administrative overhead and should be utilized, it is important that user friendliness is not sacrificed.

If a genuine visitor has difficulty interacting with your website due to these spam prevention techniques, then in most cases they will simply find another site to fulfill their requirements.

The level of perseverance a visitor has will depend on their commitment to your product or service and the uniqueness or popularity of your offering. This is because most visitors understand that highly popular sites will be likely targets for spambots and hence will have a higher level of tolerance.

Just recently I was encouraged to participate in an online poll, the poll asked a series of questions and required the verification of text within an image to successfully submit these answers.

Unfortunately the content within the image was obscure and extremely difficult to read. After six attempts in trying to decipher the image, the form finally accepted my input.

While I persevered because the poll was about an issue that is important to me, had this been any other website I would not have persisted. That being said, the site was lucky that I was finally able to decipher the text on the sixth attempt because it was very likely I was not going to try for the seventh time.

The site is not entirely to blame, spambots have been able to decipher image verification and thus CAPTCHA now means increasingly obscure text, which not only makes it difficult for machines to interpret but also difficult for genuine visitors.

Yes, spambots are becoming more sophisticated in their ability to overcome spam prevention techniques, but it is worth considering the balance between prevention and deterring interaction with genuine site visitors.

While there is definitely a role for CAPTCHA techniques in preventing spam, it is worth considering other methods of spam prevention, particularly methods that prevent spambots from visiting your website in the first instance.

Various methods exist to prevent spambots from even being able to visit your website. This has advantages since these methods act as a gateway, preventing these systems from accessing your site in the first instance, thus reducing site traffic from non-genuine visitations.

Linux based webhosts, typically use Apache as a web server, which utilities the .htaccess file, which controls various parameters of a website, including who can access the site. This can be used to prevent automated spambots from even entering your site. Likewise solutions, such as Bad Behaviour, work in a similar fashion, through blocking spambots from entering your website in the first instance.

Should a spambot enter your site, most blog and content management systems can include blacklisting of certain terms, meaning they are automatically rejected, or a greylist, which requires authorization before being published. These greylists can often be set to require prior approval to any comments that include links to other sites, a common tactic used by spambots.

Most content management systems and blogging software will also support plugins some of which can provide further protection against spam providing additional safeguards.

Alternatives to image verification exist, such as the asking a question, which must be answered correctly to submit content (example: what is 1+1?). This has accessibility advantages, since image or audio based verification can be difficult to utilize from a usability perspective, although they do offer a higher degree of prevention.

No method of preventing spam will yield a 100% success rate. The key is to prevent spam as much as possible while not restricting genuine visitors from interacting and participating in your website.

Author Alex Makin

In a career spanning over fifteen years, Alex has been instrumental in transforming, reinvigorating and growing the capacity of businesses and not-for-profit organisations. He is a visionary who understands the big picture. Alex's expertise is a Certified Practising Marketer and as Chair of the Victorian State Council of the Australian Marketing Institute. Alex is also an accomplished speaker, author and mentor and former Mayor and Councillor for the City of Maroondah.